Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Guidance for Authentication, Authorization, and Accounting (AAA) Key Management
draft-housley-aaa-key-mgmt-09

Yes

(Jari Arkko)

(Sam Hartman)

No Objection

(Bill Fenner)

(Brian Carpenter)

(Chris Newman)

(Cullen Jennings)

(Dan Romascanu)

(David Kessens)

(Jon Peterson)

(Lars Eggert)

(Lisa Dusseault)

(Mark Townsley)

(Ross Callon)

(Ted Hardie)

Recuse

(Russ Housley)

Note: This ballot was opened for revision 09 and is now closed.

Jari Arkko Former IESG member

(was Discuss) Yes

Yes (2007-02-12) Unknown

My Discuss has been cleared based on the new version -07 that Russ Housley prepared.

Sam Hartman Former IESG member

(was Discuss, Yes) Yes

Yes () Unknown

Bill Fenner Former IESG member

No Objection

No Objection () Unknown

Brian Carpenter Former IESG member

No Objection

No Objection () Unknown

Chris Newman Former IESG member

No Objection

No Objection (2007-04-26) Unknown

Minor comments:

Section 2, last paragraph:
OLD:
   however, other parties may receive keys that is derived from this
                                                ^^
NEW:
   however, other parties may receive keys that are derived from this

Section 3,
>      Cryptographic algorithm independent

Although this section implies hash function agility is required, it might be clearer to make that explicit.

Cullen Jennings Former IESG member

No Objection

No Objection () Unknown

Dan Romascanu Former IESG member

No Objection

No Objection (2007-01-11) Unknown

(contributed by AAA doctor David Nelson who reviewed the document and is confortable with its content). 

The following text in Section 2 seems to be duplicated, and should probably show up only once: 

   However, due to ad hoc development of AAA-
   based key management, AAA-based key distribution schemes have poorly
   understood security properties, even when well-studied cryptographic
   algorithms are employed.  More academic research is needed to fully
   understand the security properties of AAA-based key management in the
   diverse protocol environments where it is being employed today.  In
   the absence of research results, pragmatic guidance based on sound
   security engineering principles is needed.

David Kessens Former IESG member

No Objection

No Objection () Unknown

Jon Peterson Former IESG member

No Objection

No Objection () Unknown

Lars Eggert Former IESG member

No Objection

No Objection () Unknown

Lisa Dusseault Former IESG member

No Objection

No Objection () Unknown

Mark Townsley Former IESG member

No Objection

No Objection () Unknown

Ross Callon Former IESG member

No Objection

No Objection () Unknown

Ted Hardie Former IESG member

No Objection

No Objection () Unknown

Russ Housley Former IESG member

Recuse

Recuse () Unknown

Guidance for Authentication, Authorization, and Accounting (AAA) Key Management draft-housley-aaa-key-mgmt-09

Guidance for Authentication, Authorization, and Accounting (AAA) Key Management
draft-housley-aaa-key-mgmt-09